Log granted/denied authorization requests

2022-08-05 09:29:11 +02:00 · 2022-08-05 09:29:11 +02:00 · fe57923c35
parent b20ef4fcb0
commit fe57923c35
6 changed files with 60 additions and 1 deletions
--- a/core/apps.py
+++ b/core/apps.py
@ -4,3 +4,6 @@ from django.apps import AppConfig
 class CoreConfig(AppConfig):
    default_auto_field = 'django.db.models.BigAutoField'
    name = 'core'
+
+    def ready(self):
+        from . import receivers
--- a/core/migrations/0006_authorizationlog.py
+++ b/core/migrations/0006_authorizationlog.py
@ -0,0 +1,27 @@
+# Generated by Django 3.2.15 on 2022-08-05 07:28
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('oidc_provider', '0027_auto_20220801_1333'),
+        ('core', '0005_profile_last_name'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='AuthorizationLog',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('scope', models.TextField()),
+                ('granted', models.BooleanField()),
+                ('timestamp', models.DateTimeField(auto_now_add=True)),
+                ('client', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='oidc_provider.client')),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]
--- a/core/models/init.py
+++ b/core/models/init.py
@ -1,2 +1,3 @@
 from .auth import User
-from .profile import Profile
+from .profile import Profile
+from .logging import AuthorizationLog
--- a/core/models/logging.py
+++ b/core/models/logging.py
@ -0,0 +1,12 @@
+from django.db import models
+from django.contrib.auth import get_user_model
+
+from oidc_provider.models import Client
+
+
+class AuthorizationLog(models.Model):
+    user = models.ForeignKey(get_user_model(), models.CASCADE)
+    client = models.ForeignKey(Client, models.CASCADE)
+    scope = models.TextField()
+    granted = models.BooleanField()
+    timestamp = models.DateTimeField(auto_now_add=True)
--- a/core/receivers/init.py
+++ b/core/receivers/init.py
@ -0,0 +1 @@
+from .oidc import user_accept_consent, user_decline_consent
--- a/core/receivers/oidc.py
+++ b/core/receivers/oidc.py
@ -0,0 +1,15 @@
+from django.dispatch import receiver
+
+from oidc_provider.signals import user_accept_consent, user_decline_consent
+
+from ..models import AuthorizationLog
+
+
+@receiver(user_accept_consent)
+def consent_granted(sender, **kwargs):
+    AuthorizationLog.objects.create(user=kwargs["user"], client=kwargs["client"], scope=kwargs["scope"], granted=True)
+
+
+@receiver(user_decline_consent)
+def consent_denied(sender, **kwargs):
+    AuthorizationLog.objects.create(user=kwargs["user"], client=kwargs["client"], scope=kwargs["scope"], granted=False)
				`@ -0,0 +1 @@`
				`from .oidc import user_accept_consent, user_decline_consent`